Matthias Spork wrote:
Hello,
> so, i am seeking the solution making the password expiry feature
> avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks.
the password expires in Unix and Samba.
Samba does all changes for itself. You can set password-age to 60 days
by typing:
#> pdbedit -P "maximum password age" -C 5007600
For Linux you have to change "shadowlastchange" in LDAP. I wrote a
script for this:
smb.conf:
#---------------------------------------------------------
unix password sync = yes
passwd program = /etc/samba/scripts/ldap_userPassword_change %u
passwd chat = *New*password* %n\n *new*password* %n\n *Success*
#---------------------------------------------------------
/etc/samba/scripts/ldap_userPassword_change:
#---------------------------------------------------------
#!/bin/sh
LDAP_SERVER="ldapserver"
LDAP_USER="uid=userPassChange,o=mydomain,c=com"
LDAP_PASS="secret"
LDAP_PASSWD="/usr/bin/ldappasswd"
LDAP_MODIFY="/usr/bin/ldapmodify"
#DN of User
USER_DN="uid=$1,ou=users,o=mydomain,c=com"
#Get Date
TS=`date +%s`
SLC="$(($TS/24/3600))"
#-> MODIFY userPassword
$LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN
#-> MODIFY shadowlastchange
if [ $? -eq 0 ]; then
echo "dn: $USER_DN
changetype: modify
replace: shadowLastChange
shadowLastChange: $SLC" | $LDAP_MODIFY -x -h $LDAP_SERVER -D
$LDAP_USER -w $LDAP_PASS >/dev/null 2>&1
fi
exit
#---------------------------------------------------------
kind regards
Matthias
Hiu Yen Onn schrieb:
Hi,
i have configured a Samba PDC based on idealx.org.
now, whenever i set the sambaMustChangePassword flag to 0, then
from the subsequent logon, there is a popup urge me for changing
password.
now, the problem is after i have changed the password, the
sambaMustChangePassword
is set to 2147483647(unix timestamp), which if i converted it into
human readable format, it will be 2038 year, bla..bla..and bla
second. it is really unbelieveable that my password will be lasted
until year 2038 year??? i have looked thoroughly on the internet
resources, some mentioning about on defaultMaxPasswordAge flag. I
think i have set it to 55 (actually, i dunno whether what is the
quantity representing, day?? time??). but, i have no point to make it
works.
so, i am seeking the solution making the password expiry feature
avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks.
Cheers,
yenonn
how can u calculate the 5007600. thanks....
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba